Moodle — система управления образовательными электронными курсами
Релизный цикл, информация об уязвимостях
График релизов
Количество 2 470
CVE-2024-25982
The link to update all installed language packs did not include the ne ...
CVE-2024-25982
The link to update all installed language packs did not include the necessary token to prevent a CSRF risk.
CVE-2024-25981
Separate Groups mode restrictions were not honored when performing a f ...
CVE-2024-25981
Separate Groups mode restrictions were not honored when performing a forum export, which would export forum data for all groups. By default this only provided additional access to non-editing teachers.
CVE-2024-25980
Separate Groups mode restrictions were not honored in the H5P attempts ...
CVE-2024-25980
Separate Groups mode restrictions were not honored in the H5P attempts report, which would display users from other groups. By default this only provided additional access to non-editing teachers.
CVE-2024-25979
The URL parameters accepted by forum search were not limited to the al ...
CVE-2024-25979
The URL parameters accepted by forum search were not limited to the allowed parameters.
CVE-2024-25978
Insufficient file size checks resulted in a denial of service risk in ...
CVE-2024-25978
Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано 1 | |
|---|---|---|---|---|
| CVE-2024-25982 The link to update all installed language packs did not include the ne ... | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
 | CVE-2024-25982 The link to update all installed language packs did not include the necessary token to prevent a CSRF risk. | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| CVE-2024-25981 Separate Groups mode restrictions were not honored when performing a f ... | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| CVE-2024-25981 Separate Groups mode restrictions were not honored when performing a forum export, which would export forum data for all groups. By default this only provided additional access to non-editing teachers. | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| CVE-2024-25980 Separate Groups mode restrictions were not honored in the H5P attempts ... | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| CVE-2024-25980 Separate Groups mode restrictions were not honored in the H5P attempts report, which would display users from other groups. By default this only provided additional access to non-editing teachers. | CVSS3: 4.3 | 0% Низкий | больше 1 года назад |
| CVE-2024-25979 The URL parameters accepted by forum search were not limited to the al ... | CVSS3: 5.3 | 0% Низкий | больше 1 года назад |
| CVE-2024-25979 The URL parameters accepted by forum search were not limited to the allowed parameters. | CVSS3: 5.3 | 0% Низкий | больше 1 года назад |
| CVE-2024-25978 Insufficient file size checks resulted in a denial of service risk in ... | CVSS3: 7.5 | 0% Низкий | больше 1 года назад |
| CVE-2024-25978 Insufficient file size checks resulted in a denial of service risk in the file picker's unzip functionality. | CVSS3: 7.5 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу